New Tool to Find iPhones & iOS Devices Infection
Kaspersky reported earlier this month that they have discovered a new Zero-click iOS exploit currently being exploited by threat actors. The exploitation involves using iMessage…
Category: CyberSecurityNews
Hackers Inject Shell Scripts into eCommerce Sites
A recently discovered credit card theft operation, Magecart, has adopted an innovative approach by utilizing authentic websites as makeshift C2 servers. This strategy enables them…
Malicious Chrome Extension With Over 75 Million Downloads
Google has removed 32 malicious extensions from the Chrome Web Store that could have changed search results and pushed spam or unwanted adverts. They have…
What is PCI Penetration Testing?
Organizations dealing with card payment data must comply with the Payment Card Industry Data Security Standard (PCI DSS) to protect cardholder data. Per this Standard,…
Google Drive Security Flaw Let Hackers Exfiltrate Data
Google Drive is one of the most used cloud-based storage platforms, and due to its immense popularity and capabilities, it’s actively targeted by threat actors. …
MOVEit Transfer Vulnerability Let Attackers Escalate Privileges
MOVEit Transfer software was discovered to be vulnerable to a potential privilege escalation and unauthorized access to the environment. Users are recommended to take the…
‘Migraine’ Flaw Let Hackers Bypass MacOS Security Integrity
A recently discovered vulnerability called “Migraine” is linked to macOS migration and poses a serious threat. It enables attackers with root privileges to circumvent System…
Zero-Click iOS Malware Actively Attacks iPhone Through iMessage
Kaspersky recently reported that a number of iPhones connected to its network were compromised through an iOS vulnerability. The attackers exploited iMessage’s zero-click exploits, allowing…
Ghost Sites – Deactivated Salesforce Websites Data Leak
Researchers at Varonis Threat Labs discovered that some Salesforce sites were improperly deactivated or unmaintained SalesforceGhost Sites. Threat actors can exfiltrate PII and business data…
Ransomware Attack Prevention Checklist – 2023
Businesses face significant hazards from ransomware attacks, which are capable of causing severe damage in a brief period. Over the past few years, numerous well-known…
Network Security Checklist – 2023
Network security is paramount in today’s digital landscape, where organizations face increasingly sophisticated threats. This guide presents a detailed Network Security checklist with examples to…
New Cryptomining Malware Delivered Using TeamViewer Accounts
In May 2023, Huntress ThreatOps Center analysts detected a cryptocurrency miner (XMRig) on an endpoint, identified the miner’s associated site and wallet address by locating…